Spanning Tree Protocol (STP) is a Layer 2 protocol that runs on bridges
and switches. The specification for STP is IEEE 802.1D. The main purpose of STP
is to ensure that you do not create loops when you have redundant paths in your
network. Loops are deadly to a network.

Although this document uses Cisco Catalyst 5500/5000 Switches, the
spanning tree principles that the document presents are applicable to almost
all devices that support STP.

For the examples, this document used:

A
console
cable that is suitable for the Supervisor Engine in the
switch

Six Catalyst 5509 Switches

The information in this document was created from the devices in a
specific lab environment. All of the devices used in this document started with
a cleared (default) configuration. If your network is live, make sure that you
understand the potential impact of any command.

The configurations in this document apply to Catalyst 2926G, 2948G,
2980G, 4500/4000, 5500/5000, and 6500/6000 Switches that run Catalyst OS
(CatOS). Refer to these documents for information on the configuration of STP
on other switch platforms:

STP runs on bridges and switches that are 802.1D-compliant. There are
different flavors of STP, but 802.1D is the most popular and widely
implemented. You implement STP on bridges and switches in order to prevent
loops in the network. Use STP in situations where you want redundant links, but
not loops. Redundant links are as important as backups in the case of a
failover in a network. A failure of your primary activates the backup links so
that users can continue to use the network. Without STP on the bridges and
switches, such a failure can result in a loop. If two connected switches run
different flavors of STP, they require different timings to converge. When
different flavors are used in the switches, it creates timing issues between
Blocking and Forwarding states. Therefore, it is recommended to use the same
flavors of STP. Consider this network:

In this network, a redundant link is planned between Switch A and
Switch B. However, this setup creates the possibility of a bridging loop. For
example, a broadcast or multicast packet that transmits from Station M and is
destined for Station N simply continues to circulate between both switches.

However, when STP runs on both switches, the network logically looks
like this:

Switches 12, 13, 14, 16, and 17 are switches that attach to
workstations and PCs.

The network defines these VLANs:

1

200

201

202

203

204

The VLAN Trunk Protocol (VTP) domain name is
STD-Doc.

In order to provide this desired path redundancy, as well as to avoid a
loop condition, STP defines a tree that spans all the switches in an extended
network. STP forces certain redundant data paths into a standby (blocked) state
and leaves other paths in a forwarding state. If a link in the forwarding state
becomes unavailable, STP reconfigures the network and reroutes data paths
through the activation of the appropriate standby path.

With STP, the key is for all the switches in the network to elect a
root bridge that becomes the focal point in the network. All other decisions in
the network, such as which port to block and which port to put in forwarding
mode, are made from the perspective of this root bridge. A switched
environment, which is different from a bridge environment, most likely deals
with multiple VLANs. When you implement a root bridge in a switching network,
you usually refer to the root bridge as the root switch. Each VLAN must have
its own root bridge because each VLAN is a separate broadcast domain. The roots
for the different VLANs can all reside in a single switch or in various
switches.

Note: The selection of the root switch for a particular VLAN is very
important. You can choose the root switch, or you can let the switches decide,
which is risky. If you do not control the root selection process, there can be
suboptimal paths in your network.

All the switches exchange information for use in the root switch
selection and for subsequent configuration of the network. Bridge protocol data
units (BPDUs) carry this information. Each switch compares the parameters in
the BPDU that the switch sends to a neighbor with the parameters in the BPDU
that the switch receives from the neighbor.

In the STP root selection process, less is better. If Switch A
advertises a root ID that is a lower number than the root ID that Switch B
advertises, the information from Switch A is better. Switch B stops the
advertisement of its root ID, and accepts the root ID of Switch A.

Before you configure STP, select a switch to be the root of the
spanning tree. This switch does not need to be the most powerful switch, but
choose the most centralized switch on the network. All data flow across the
network is from the perspective of this switch. Also, choose the least
disturbed switch in the network. The backbone switches often serve as the
spanning tree root because these switches typically do not connect to end
stations. Also, moves and changes within the network are less likely to affect
these switches.

After you decide on the root switch, set the appropriate variables to
designate the switch as the root switch. The only variable that you must set is
the bridge priority. If the switch has a bridge priority that
is lower than all the other switches, the other switches automatically select
the switch as the root switch.

Clients (end stations) on Switch Ports

You can also issue the set
spantree portfast command, on a per-port basis. When you
enable the portfast variable on a port, the port
immediately switches from blocking mode to forwarding mode. Enablement of
portfast helps to prevent timeouts on clients who
use Novell Netware or use DHCP in order to obtain an IP address. However, do
not use this command when you have switch-to-switch
connection. In this case, the command can result in a loop. The 30- to
60-second delay that occurs during the transition from blocking to forwarding
mode prevents a temporal loop condition in the network when you connect two
switches.

Leave most other STP variables at their default values.

Rules of Operation

This section lists rules for how STP works. When the switches first
come up, they start the root switch selection process. Each switch transmits a
BPDU to the directly connected switch on a per-VLAN basis.

As the BPDU goes out through the network, each switch compares the BPDU
that the switch sends to the BPDU that the switch receives from the neighbors.
The switches then agree on which switch is the root switch. The switch with the
lowest bridge ID in the network wins this election process.

Note: Remember that one root switch is identified per-VLAN. After the root
switch identification, the switches adhere to these rules:

STP Rule 1—All ports of the root switch must be in
forwarding mode.

Note: In some corner cases, which involve self-looped ports, there is an
exception to this rule.

Next, each switch determines the best path to get to the root. The
switches determine this path by a comparison of the information in all the
BPDUs that the switches receive on all ports. The switch uses the port with the
least amount of information in the BPDU in order to get to the root switch; the
port with the least amount of information in the BPDU is the root port. After a
switch determines the root port, the switch proceeds to rule
2.

STP Rule 2—The root port must be set to forwarding
mode.

In addition, the switches on each LAN segment communicate with each
other to determine which switch is best to use in order to move data from that
segment to the root bridge. This switch is called the designated
switch.

STP Rule 3—In a single LAN segment, the port of the
designated switch that connects to that LAN segment must be placed in
forwarding mode.

STP Rule 4—All the other ports in all the switches
(VLAN-specific) must be placed in blocking mode. The rule only applies to ports
that connect to other bridges or switches. STP does not affect ports that
connect to workstations or PCs. These ports remain forwarded.

Note: The addition or removal of VLANs when STP runs in per-VLAN spanning
tree (PVST / PVST+) mode triggers spanning tree recalculation for that VLAN
instance and the traffic is disrupted only for that VLAN. The other VLAN parts
of a trunk link can forward traffic normally. The addition or removal of VLANs
for a Multiple Spanning Tree (MST) instance that exists triggers spanning tree
recalculation for that instance and traffic is disrupted for all the VLAN parts
of that MST instance.

Note: By default, spanning tree runs on every port. The spanning tree
feature cannot be turned off in switches on a per-port basis. Although it is
not recommended, you can turn off STP on a per-VLAN basis, or globally on the
switch. Extreme care should be taken whenever you disable spanning tree because
this creates Layer 2 loops within the network.

Note: In this scenario, all the switches started with cleared
configurations. Therefore, all the switches started with a bridge priority of
32768. If you are not certain that all the switches in your network have a
priority that is greater than 8192, set the priority of your desired root
bridge to 1.

Issue the
show
spantree vlan_id command in order
to verify that Switch 15 is the root of all the appropriate
VLANs.

From the output from this command, compare the MAC address of the
switch that is the root switch to the MAC address of the switch from which you
issued the command. If the addresses match, the switch that you are in is the
root switch of the VLAN. A root port that is 1/0 also indicates that you are at
the root switch. This is the sample command output:

This output shows that Switch 15 is the designated root on the
spanning tree for VLAN 1. The MAC address of the designated root switch,
00-10-0d-b1-78-00, is the same as the bridge ID
MAC address of Switch 15, 00-10-0d-b1-78-00.
Another indicator that this switch is the designated root is that the
designated root port is 1/0.

In this output from Switch 12, the switch recognizes Switch 15 as
the Designated Root for VLAN 1:

STP calculates the path cost based on the media speed (bandwidth) of
the links between switches and the port cost of each port forwarding frame.
Spanning tree selects the root port based on the path cost. The port with the
lowest path cost to the root bridge becomes the root port. The root port is
always in the forwarding state.

If the speed/duplex of the port is changed, spanning tree recalculates
the path cost automatically. A change in the path cost can change the spanning
tree topology.